Caution
This project is designed to demonstrate and expose vulnerabilities in devices.
Beware! This malware is currently undetected by popular antivirus.
Educational purposes only.
A lightweight Asynchronous JVM-based RAT (Remote Access Trojan) written in Kotlin.
- Periodicals screenshots
- Real-time webcam
- Discord account information
- Several on-demand actions
- Everything silently and undetectable by antivirus
- Download the latest release and put it on a server
- Configure the
DISCORD_BOT_TOKENenvironment variable to your bot token - Run the
KRAT-server.jarfile with your Discord bot token as parameter
java -jar KRAT-server.jar/computers: get all infected computers/webcam: take a webcam capture and send it/screenshot: take a screenshot and send it/filetree: sends the victim's file tree/upload <link> <absolute-path>: upload a file to the victim/download <absolute-path>: download a file from the victim/run <file>: execute a file on the victim's computer/delete <absolute-path>: delete a file from the victim's computer
The project aims to be multiplatform, it can be compiled to run on any OS that has JVM.
| OS | Supported |
|---|---|
| Windows | ✅ |
| Linux | ✅ |
| macOS | ✅ |
| Android | ❌ |
| iOS | ❌ |
- Kotlin
- Coroutines: Asynchronous programming
- Ktor: client-server communication
- DiscordKt and Kord: Discord API wrapper
- webcam-capture
At this stage, the malware is tiny only downloads the run.bat file from the server and make it runs on every startup.
If the latest version of the file can't be downloaded, the malware will use his backup version.
Now, the malware will start connecting to the server via websockets. It will also steal every information possible from the victim's computer and send it to the server.
Finally, the malware will start listening background precesses.
The bot sends victim's info via a Discord server get instructions from commands.